AMBARI-20408. Atlas MetaData server start fails while granting permissions to HBase tables after unkerberizing the cluster (rlevas)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/9dc4a3df Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/9dc4a3df Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/9dc4a3df Branch: refs/heads/branch-feature-AMBARI-12556 Commit: 9dc4a3dfd25f160ab7014bf78e98efa9237a0ebf Parents: 0c76e2f Author: Robert Levas <rle...@hortonworks.com> Authored: Tue Mar 14 10:42:43 2017 -0400 Committer: Robert Levas <rle...@hortonworks.com> Committed: Tue Mar 14 10:42:43 2017 -0400 ---------------------------------------------------------------------- .../server/controller/KerberosHelper.java | 3 - .../server/controller/KerberosHelperImpl.java | 104 +++----- .../AbstractPrepareKerberosServerAction.java | 237 ++++++++++++------- .../PrepareDisableKerberosServerAction.java | 108 ++------- .../PrepareEnableKerberosServerAction.java | 19 +- .../PrepareKerberosIdentitiesServerAction.java | 127 ++-------- ...AbstractPrepareKerberosServerActionTest.java | 30 +-- 7 files changed, 257 insertions(+), 371 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/9dc4a3df/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelper.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelper.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelper.java index 0e27d03..d000571 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelper.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelper.java @@ -293,8 +293,6 @@ public interface KerberosHelper { * @param existingConfigurations the cluster's existing configurations * @param kerberosConfigurations the configuration updates to make * @param propertiesToIgnore the configuration properties that should be ignored when applying recommendations - * @param propertiesToInsert the configuration properties that must be inserted to cluster config are inserted - * into this map in case if provided (not null) and kerberosEnabled = false * @param propertiesToRemove the configuration properties that must be removed from cluster config are inserted * into this map in case if provided (not null) and kerberosEnabled * @param kerberosEnabled true if kerberos is (to be) enabled; otherwise false @@ -305,7 +303,6 @@ public interface KerberosHelper { Map<String, Map<String, String>> existingConfigurations, Map<String, Map<String, String>> kerberosConfigurations, Map<String, Set<String>> propertiesToIgnore, - Map<String, Map<String, String>> propertiesToInsert, Map<String, Set<String>> propertiesToRemove, boolean kerberosEnabled) throws AmbariException; http://git-wip-us.apache.org/repos/asf/ambari/blob/9dc4a3df/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java index baa90e7..5204322 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java @@ -363,7 +363,7 @@ public class KerberosHelperImpl implements KerberosHelper { // If Ambari is managing it own identities then add AMBARI to the set of installed servcie so // that its Kerberos descriptor entries will be included. - if(createAmbariIdentities(existingConfigurations.get("kerberos-env"))) { + if (createAmbariIdentities(existingConfigurations.get("kerberos-env"))) { installedServices = new HashMap<String, Set<String>>(installedServices); installedServices.put("AMBARI", Collections.singleton("AMBARI_SERVER")); } @@ -414,7 +414,7 @@ public class KerberosHelperImpl implements KerberosHelper { return (applyStackAdvisorUpdates) ? applyStackAdvisorUpdates(cluster, installedServices.keySet(), configurations, kerberosConfigurations, propertiesToIgnore, - null, new HashMap<String, Set<String>>(), kerberosEnabled) + new HashMap<String, Set<String>>(), kerberosEnabled) : kerberosConfigurations; } @@ -423,7 +423,6 @@ public class KerberosHelperImpl implements KerberosHelper { Map<String, Map<String, String>> existingConfigurations, Map<String, Map<String, String>> kerberosConfigurations, Map<String, Set<String>> propertiesToIgnore, - Map<String, Map<String, String>> propertiesToInsert, Map<String, Set<String>> propertiesToRemove, boolean kerberosEnabled) throws AmbariException { @@ -514,14 +513,12 @@ public class KerberosHelperImpl implements KerberosHelper { Map<String, String> kerberosConfigProperties = kerberosConfigurations.get(configType); Set<String> ignoreProperties = (propertiesToIgnore == null) ? null : propertiesToIgnore.get(configType); - addRecommendedPropertiesForConfigType(kerberosEnabled, kerberosConfigurations, configType, - recommendedConfigProperties, - existingConfigProperties, kerberosConfigProperties, ignoreProperties, propertiesToInsert); + addRecommendedPropertiesForConfigType(kerberosConfigurations, configType, recommendedConfigProperties, + existingConfigProperties, kerberosConfigProperties, ignoreProperties); + if (recommendedConfigPropertyAttributes != null) { - removeRecommendedPropertiesForConfigType(kerberosEnabled, configType, - recommendedConfigPropertyAttributes, - existingConfigProperties, - kerberosConfigurations, ignoreProperties, propertiesToRemove); + removeRecommendedPropertiesForConfigType(configType, recommendedConfigPropertyAttributes, + existingConfigProperties, kerberosConfigurations, ignoreProperties, propertiesToRemove); } } } @@ -535,71 +532,46 @@ public class KerberosHelperImpl implements KerberosHelper { } /* - * Recommended property will be added to kerberosConfigurations if kerberosEnabled or to propertiesToInsert - * otherwise. + * Recommended property will be updated in or added to kerberosConfigurationS. */ - private void addRecommendedPropertiesForConfigType(boolean kerberosEnabled, Map<String, Map<String, String>> kerberosConfigurations, + private void addRecommendedPropertiesForConfigType(Map<String, Map<String, String>> kerberosConfigurations, String configType, Map<String, String> recommendedConfigProperties, Map<String, String> existingConfigProperties, Map<String, String> kerberosConfigProperties, - Set<String> ignoreProperties, - Map<String, Map<String, String>> propertiesToInsert) { + Set<String> ignoreProperties) { for (Map.Entry<String, String> property : recommendedConfigProperties.entrySet()) { String propertyName = property.getKey(); if ((ignoreProperties == null) || !ignoreProperties.contains(propertyName)) { String recommendedValue = property.getValue(); - if (kerberosEnabled) { - if (kerberosConfigProperties == null) { - // There is no explicit update for this property from the Kerberos Descriptor... - // add the config and property if it also does not exist in the existing configurations - if ((existingConfigProperties == null) || !existingConfigProperties.containsKey(propertyName)) { - LOG.debug("Adding Kerberos configuration based on StackAdvisor recommendation:" + - "\n\tConfigType: {}\n\tProperty: {}\n\tValue: {}", - configType, propertyName, recommendedValue); - - HashMap<String, String> properties = new HashMap<String, String>(); - properties.put(propertyName, recommendedValue); - kerberosConfigurations.put(configType, properties); - } - } else { - String value = kerberosConfigProperties.get(propertyName); - if (value == null) { - // There is no explicit update for this property from the Kerberos Descriptor... - // add the property if it also does not exist in the existing configurations - if ((existingConfigProperties == null) || !existingConfigProperties.containsKey(propertyName)) { - LOG.debug("Adding Kerberos configuration based on StackAdvisor recommendation:" + - "\n\tConfigType: {}\n\tProperty: {}\n\tValue: {}", - configType, propertyName, recommendedValue); - - kerberosConfigProperties.put(propertyName, recommendedValue); - } - } else if (!value.equals(recommendedValue)) { - // If the recommended value is a change, automatically change it. - LOG.debug("Updating Kerberos configuration based on StackAdvisor recommendation:" + - "\n\tConfigType: {}\n\tProperty: {}\n\tOld Value: {}\n\tNew Value: {}", - configType, propertyName, value, recommendedValue); - kerberosConfigProperties.put(propertyName, recommendedValue); + if ((kerberosConfigProperties == null) || !kerberosConfigProperties.containsKey(propertyName)) { + // There is no explicit update for this property from the Kerberos Descriptor... + // add the config and property if it also does not exist in the existing configurations + if ((existingConfigProperties == null) || !existingConfigProperties.containsKey(propertyName)) { + LOG.debug("Adding Kerberos configuration based on StackAdvisor recommendation:" + + "\n\tConfigType: {}\n\tProperty: {}\n\tValue: {}", + configType, propertyName, recommendedValue); + + if(kerberosConfigProperties == null) { + kerberosConfigProperties = new HashMap<String, String>(); + kerberosConfigurations.put(configType, kerberosConfigProperties); } + + kerberosConfigProperties.put(propertyName, recommendedValue); } - } else if (propertiesToInsert != null && ((existingConfigProperties == null) || !existingConfigProperties - .containsKey(propertyName))) { - Map<String, String> properties = propertiesToInsert.get(configType); - if (properties == null) { - properties = new HashMap<>(); - propertiesToInsert.put(configType, properties); + } else { + String value = kerberosConfigProperties.get(propertyName); + if ((value == null) ? (recommendedValue != null) : !value.equals(recommendedValue)) { + // If the recommended value is a change, automatically change it. + LOG.debug("Updating Kerberos configuration based on StackAdvisor recommendation:" + + "\n\tConfigType: {}\n\tProperty: {}\n\tOld Value: {}\n\tNew Value: {}", + configType, propertyName, (value == null) ? "" : value, (recommendedValue == null) ? "" : recommendedValue); + + kerberosConfigProperties.put(propertyName, recommendedValue); } - - LOG.debug("Property to add to configuration based on StackAdvisor recommendation:" + - "\n\tConfigType: {}\n\tProperty: {}\n\tValue: {}", - configType, propertyName, recommendedValue); - - properties.put(propertyName, recommendedValue); } - - } } } @@ -607,14 +579,14 @@ public class KerberosHelperImpl implements KerberosHelper { /** * If property is marked with delete flag in recommendedConfigPropertyAttributes map and is not found in * ignoreProperties, nor in kerberosConfigProperties but exits in existingConfigProperties add to - * propertiesToRemove map if kerberosEnabled or kerberosConfigurations otherwise. + * propertiesToRemove map. */ - private void removeRecommendedPropertiesForConfigType(boolean kerberosEnabled, String configType, + private void removeRecommendedPropertiesForConfigType(String configType, Map<String, ValueAttributesInfo> recommendedConfigPropertyAttributes, Map<String, String> existingConfigProperties, Map<String, Map<String, String>> kerberosConfigurations, - Set<String> ignoreProperties, Map<String, Set<String>> - propertiesToRemove) { + Set<String> ignoreProperties, + Map<String, Set<String>> propertiesToRemove) { for (Map.Entry<String, ValueAttributesInfo> property : recommendedConfigPropertyAttributes.entrySet()) { String propertyName = property.getKey(); @@ -631,7 +603,7 @@ public class KerberosHelperImpl implements KerberosHelper { configType, propertyName); // kerberosEnabled add property to propertiesToRemove, otherwise to kerberosConfigurations map - if (kerberosEnabled && propertiesToRemove != null) { + if (propertiesToRemove != null) { Set<String> properties = propertiesToRemove.get(configType); if (properties == null) { properties = new HashSet<String>(); @@ -3278,6 +3250,8 @@ public class KerberosHelperImpl implements KerberosHelper { commandParameters.put(KerberosServerAction.UPDATE_CONFIGURATION_NOTE, "Enabling Kerberos"); commandParameters.put(KerberosServerAction.UPDATE_CONFIGURATIONS, "true"); commandParameters.put(KerberosServerAction.DEFAULT_REALM, kerberosDetails.getDefaultRealm()); + commandParameters.put(KerberosServerAction.INCLUDE_AMBARI_IDENTITY, (kerberosDetails.createAmbariPrincipal()) ? "true" : "false"); + if (dataDirectory != null) { commandParameters.put(KerberosServerAction.DATA_DIRECTORY, dataDirectory.getAbsolutePath()); } http://git-wip-us.apache.org/repos/asf/ambari/blob/9dc4a3df/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractPrepareKerberosServerAction.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractPrepareKerberosServerAction.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractPrepareKerberosServerAction.java index 3cd6b81..7824019 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractPrepareKerberosServerAction.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractPrepareKerberosServerAction.java @@ -57,23 +57,30 @@ public abstract class AbstractPrepareKerberosServerAction extends KerberosServer @Inject private KerberosIdentityDataFileWriterFactory kerberosIdentityDataFileWriterFactory; + @Inject + private KerberosConfigDataFileWriterFactory kerberosConfigDataFileWriterFactory; + @Override protected CommandReport processIdentity(Map<String, String> identityRecord, String evaluatedPrincipal, KerberosOperationHandler operationHandler, Map<String, String> kerberosConfiguration, Map<String, Object> requestSharedDataContext) throws AmbariException { throw new UnsupportedOperationException(); } - protected void processServiceComponentHosts(Cluster cluster, KerberosDescriptor kerberosDescriptor, List<ServiceComponentHost> schToProcess, - Collection<String> identityFilter, String dataDirectory, - Map<String, Map<String, String>> kerberosConfigurations, - Map<String, Map<String, String>> propertiesToInsert, - Map<String, Set<String>> propertiesToRemove, - boolean kerberosEnabled, boolean includeAmbariIdentity) throws - AmbariException { + KerberosHelper getKerberosHelper() { + return kerberosHelper; + } + + void processServiceComponentHosts(Cluster cluster, KerberosDescriptor kerberosDescriptor, + List<ServiceComponentHost> schToProcess, + Collection<String> identityFilter, String dataDirectory, + Map<String, Map<String, String>> currentConfigurations, + Map<String, Map<String, String>> kerberosConfigurations, + boolean includeAmbariIdentity, + Map<String, Set<String>> propertiesToBeIgnored) throws AmbariException { actionLog.writeStdOut("Processing Kerberos identities and configurations"); if (!schToProcess.isEmpty()) { - if(dataDirectory == null) { + if (dataDirectory == null) { String message = "The data directory has not been set. Generated data can not be stored."; LOG.error(message); throw new AmbariException(message); @@ -82,16 +89,11 @@ public abstract class AbstractPrepareKerberosServerAction extends KerberosServer // Create the file used to store details about principals and keytabs to create File identityDataFile = new File(dataDirectory, KerberosIdentityDataFileWriter.DATA_FILE_NAME); - Map<String, String> kerberosDescriptorProperties = kerberosDescriptor.getProperties(); KerberosIdentityDataFileWriter kerberosIdentityDataFileWriter; - // Calculate the current host-specific configurations. These will be used to replace - // variables within the Kerberos descriptor data - Map<String, Map<String, String>> configurations = kerberosHelper.calculateConfigurations(cluster, null, kerberosDescriptorProperties); - // Create the context to use for filtering Kerberos Identities based on the state of the cluster Map<String, Object> filterContext = new HashMap<String, Object>(); - filterContext.put("configurations", configurations); + filterContext.put("configurations", currentConfigurations); filterContext.put("services", cluster.getServices().keySet()); actionLog.writeStdOut(String.format("Writing Kerberos identity data metadata file to %s", identityDataFile.getAbsolutePath())); @@ -106,80 +108,76 @@ public abstract class AbstractPrepareKerberosServerAction extends KerberosServer } try { - Set<String> services = cluster.getServices().keySet(); Map<String, Set<String>> propertiesToIgnore = null; - try { - - // Iterate over the components installed on the current host to get the service and - // component-level Kerberos descriptors in order to determine which principals, - // keytab files, and configurations need to be created or updated. - for (ServiceComponentHost sch : schToProcess) { - String hostName = sch.getHostName(); + // Iterate over the components installed on the current host to get the service and + // component-level Kerberos descriptors in order to determine which principals, + // keytab files, and configurations need to be created or updated. + for (ServiceComponentHost sch : schToProcess) { + String hostName = sch.getHostName(); - String serviceName = sch.getServiceName(); - String componentName = sch.getServiceComponentName(); + String serviceName = sch.getServiceName(); + String componentName = sch.getServiceComponentName(); - KerberosServiceDescriptor serviceDescriptor = kerberosDescriptor.getService(serviceName); + KerberosServiceDescriptor serviceDescriptor = kerberosDescriptor.getService(serviceName); - if (serviceDescriptor != null) { - List<KerberosIdentityDescriptor> serviceIdentities = serviceDescriptor.getIdentities(true, filterContext); + if (serviceDescriptor != null) { + List<KerberosIdentityDescriptor> serviceIdentities = serviceDescriptor.getIdentities(true, filterContext); - // Add service-level principals (and keytabs) - kerberosHelper.addIdentities(kerberosIdentityDataFileWriter, serviceIdentities, - identityFilter, hostName, serviceName, componentName, kerberosConfigurations, configurations); - propertiesToIgnore = gatherPropertiesToIgnore(serviceIdentities, propertiesToIgnore); + // Add service-level principals (and keytabs) + kerberosHelper.addIdentities(kerberosIdentityDataFileWriter, serviceIdentities, + identityFilter, hostName, serviceName, componentName, kerberosConfigurations, currentConfigurations); + propertiesToIgnore = gatherPropertiesToIgnore(serviceIdentities, propertiesToIgnore); - KerberosComponentDescriptor componentDescriptor = serviceDescriptor.getComponent(componentName); + KerberosComponentDescriptor componentDescriptor = serviceDescriptor.getComponent(componentName); - if (componentDescriptor != null) { - List<KerberosIdentityDescriptor> componentIdentities = componentDescriptor.getIdentities(true, filterContext); + if (componentDescriptor != null) { + List<KerberosIdentityDescriptor> componentIdentities = componentDescriptor.getIdentities(true, filterContext); - // Calculate the set of configurations to update and replace any variables - // using the previously calculated Map of configurations for the host. - kerberosHelper.mergeConfigurations(kerberosConfigurations, - componentDescriptor.getConfigurations(true), configurations); + // Calculate the set of configurations to update and replace any variables + // using the previously calculated Map of configurations for the host. + kerberosHelper.mergeConfigurations(kerberosConfigurations, + componentDescriptor.getConfigurations(true), currentConfigurations); - // Add component-level principals (and keytabs) - kerberosHelper.addIdentities(kerberosIdentityDataFileWriter, componentIdentities, - identityFilter, hostName, serviceName, componentName, kerberosConfigurations, configurations); - propertiesToIgnore = gatherPropertiesToIgnore(componentIdentities, propertiesToIgnore); - } + // Add component-level principals (and keytabs) + kerberosHelper.addIdentities(kerberosIdentityDataFileWriter, componentIdentities, + identityFilter, hostName, serviceName, componentName, kerberosConfigurations, currentConfigurations); + propertiesToIgnore = gatherPropertiesToIgnore(componentIdentities, propertiesToIgnore); } } + } - // Add ambari-server identities only if 'kerberos-env.create_ambari_principal = true' - if (includeAmbariIdentity && kerberosHelper.createAmbariIdentities(configurations.get("kerberos-env"))) { - List<KerberosIdentityDescriptor> ambariIdentities = kerberosHelper.getAmbariServerIdentities(kerberosDescriptor); - - if (!ambariIdentities.isEmpty()) { - for (KerberosIdentityDescriptor identity : ambariIdentities) { - // If the identity represents the ambari-server user, use the component name "AMBARI_SERVER_SELF" - // so it can be distinguished between other identities related to the AMBARI-SERVER - // component. - String componentName = KerberosHelper.AMBARI_SERVER_KERBEROS_IDENTITY_NAME.equals(identity.getName()) - ? "AMBARI_SERVER_SELF" - : "AMBARI_SERVER"; - - List<KerberosIdentityDescriptor> componentIdentities = Collections.singletonList(identity); - kerberosHelper.addIdentities(kerberosIdentityDataFileWriter, componentIdentities, - identityFilter, KerberosHelper.AMBARI_SERVER_HOST_NAME, "AMBARI", componentName, kerberosConfigurations, configurations); - propertiesToIgnore = gatherPropertiesToIgnore(componentIdentities, propertiesToIgnore); - } + // Add ambari-server identities only if 'kerberos-env.create_ambari_principal = true' + if (includeAmbariIdentity && kerberosHelper.createAmbariIdentities(currentConfigurations.get("kerberos-env"))) { + List<KerberosIdentityDescriptor> ambariIdentities = kerberosHelper.getAmbariServerIdentities(kerberosDescriptor); + + if (!ambariIdentities.isEmpty()) { + for (KerberosIdentityDescriptor identity : ambariIdentities) { + // If the identity represents the ambari-server user, use the component name "AMBARI_SERVER_SELF" + // so it can be distinguished between other identities related to the AMBARI-SERVER + // component. + String componentName = KerberosHelper.AMBARI_SERVER_KERBEROS_IDENTITY_NAME.equals(identity.getName()) + ? "AMBARI_SERVER_SELF" + : "AMBARI_SERVER"; + + List<KerberosIdentityDescriptor> componentIdentities = Collections.singletonList(identity); + kerberosHelper.addIdentities(kerberosIdentityDataFileWriter, componentIdentities, + identityFilter, KerberosHelper.AMBARI_SERVER_HOST_NAME, "AMBARI", componentName, kerberosConfigurations, currentConfigurations); + propertiesToIgnore = gatherPropertiesToIgnore(componentIdentities, propertiesToIgnore); } } - } catch (IOException e) { - String message = String.format("Failed to write index file - %s", identityDataFile.getAbsolutePath()); - LOG.error(message, e); - actionLog.writeStdOut(message); - actionLog.writeStdErr(message + "\n" + e.getLocalizedMessage()); - throw new AmbariException(message, e); } - kerberosHelper.applyStackAdvisorUpdates(cluster, services, configurations, kerberosConfigurations, - propertiesToIgnore, propertiesToInsert, propertiesToRemove, kerberosEnabled); - } - finally { + if ((propertiesToBeIgnored != null) && (propertiesToIgnore != null)) { + propertiesToBeIgnored.putAll(propertiesToIgnore); + } + } catch (IOException e) { + String message = String.format("Failed to write index file - %s", identityDataFile.getAbsolutePath()); + LOG.error(message, e); + actionLog.writeStdOut(message); + actionLog.writeStdErr(message + "\n" + e.getLocalizedMessage()); + throw new AmbariException(message, e); + } finally { if (kerberosIdentityDataFileWriter != null) { // Make sure the data file is closed try { @@ -201,8 +199,7 @@ public abstract class AbstractPrepareKerberosServerAction extends KerberosServer if(serializedValue != null) { Type type = new TypeToken<Map<String, ? extends Collection<String>>>() {}.getType(); return StageUtils.getGson().fromJson(serializedValue, type); - } - else { + } else { return null; } } @@ -213,8 +210,7 @@ public abstract class AbstractPrepareKerberosServerAction extends KerberosServer if(serializedValue != null) { Type type = new TypeToken<Set<String>>() {}.getType(); return StageUtils.getGson().fromJson(serializedValue, type); - } - else { + } else { return null; } } @@ -225,17 +221,16 @@ public abstract class AbstractPrepareKerberosServerAction extends KerberosServer if(serializedValue != null) { Type type = new TypeToken<Collection<String>>() {}.getType(); return StageUtils.getGson().fromJson(serializedValue, type); - } - else { + } else { return null; } } private Map<String, Set<String>> gatherPropertiesToIgnore(List<KerberosIdentityDescriptor> identities, Map<String, Set<String>> propertiesToIgnore) { - Map<String,Map<String,String>> identityConfigurations = kerberosHelper.getIdentityConfigurations(identities); + Map<String, Map<String, String>> identityConfigurations = kerberosHelper.getIdentityConfigurations(identities); if ((identityConfigurations != null) && !identityConfigurations.isEmpty()) { - if(propertiesToIgnore == null) { + if (propertiesToIgnore == null) { propertiesToIgnore = new HashMap<String, Set<String>>(); } @@ -256,4 +251,88 @@ public abstract class AbstractPrepareKerberosServerAction extends KerberosServer return propertiesToIgnore; } + + /** + * Processes configuration changes to determine if any work needs to be done. + * <p/> + * If work is to be done, a data file containing the details is created so it they changes may be + * processed in the appropriate stage. + * + * @param dataDirectory the directory in which to write the configuration changes data file + * @param kerberosConfigurations the Kerberos-specific configuration map + * @param propertiesToBeRemoved a map of properties to be removed from the current configuration, + * grouped by configuration type. + * @throws AmbariException + */ + protected void processConfigurationChanges(String dataDirectory, + Map<String, Map<String, String>> kerberosConfigurations, + Map<String, Set<String>> propertiesToBeRemoved) + throws AmbariException { + actionLog.writeStdOut("Determining configuration changes"); + + // If there are configurations to set, create a (temporary) data file to store the configuration + // updates and fill it will the relevant configurations. + if (!kerberosConfigurations.isEmpty()) { + if (dataDirectory == null) { + String message = "The data directory has not been set. Generated data can not be stored."; + LOG.error(message); + throw new AmbariException(message); + } + + File configFile = new File(dataDirectory, KerberosConfigDataFileWriter.DATA_FILE_NAME); + KerberosConfigDataFileWriter kerberosConfDataFileWriter = null; + + actionLog.writeStdOut(String.format("Writing configuration changes metadata file to %s", configFile.getAbsolutePath())); + try { + kerberosConfDataFileWriter = kerberosConfigDataFileWriterFactory.createKerberosConfigDataFileWriter(configFile); + // add properties to be set + for (Map.Entry<String, Map<String, String>> entry : kerberosConfigurations.entrySet()) { + String type = entry.getKey(); + Map<String, String> properties = entry.getValue(); + + if (properties != null) { + for (Map.Entry<String, String> configTypeEntry : properties.entrySet()) { + kerberosConfDataFileWriter.addRecord(type, + configTypeEntry.getKey(), + configTypeEntry.getValue(), + KerberosConfigDataFileWriter.OPERATION_TYPE_SET); + } + } + } + // add properties to be removed + if (propertiesToBeRemoved != null) { + for (Map.Entry<String, Set<String>> entry : propertiesToBeRemoved.entrySet()) { + String type = entry.getKey(); + Set<String> properties = entry.getValue(); + + if (properties != null) { + for (String property : properties) { + kerberosConfDataFileWriter.addRecord(type, + property, + "", + KerberosConfigDataFileWriter.OPERATION_TYPE_REMOVE); + } + } + } + } + } catch (IOException e) { + String message = String.format("Failed to write kerberos configurations file - %s", configFile.getAbsolutePath()); + LOG.error(message, e); + actionLog.writeStdOut(message); + actionLog.writeStdErr(message + "\n" + e.getLocalizedMessage()); + throw new AmbariException(message, e); + } finally { + if (kerberosConfDataFileWriter != null) { + try { + kerberosConfDataFileWriter.close(); + } catch (IOException e) { + String message = "Failed to close the kerberos configurations file writer"; + LOG.warn(message, e); + actionLog.writeStdOut(message); + actionLog.writeStdErr(message + "\n" + e.getLocalizedMessage()); + } + } + } + } + } } http://git-wip-us.apache.org/repos/asf/ambari/blob/9dc4a3df/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/PrepareDisableKerberosServerAction.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/PrepareDisableKerberosServerAction.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/PrepareDisableKerberosServerAction.java index f221ee7..e0d16af 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/PrepareDisableKerberosServerAction.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/PrepareDisableKerberosServerAction.java @@ -18,8 +18,6 @@ package org.apache.ambari.server.serveraction.kerberos; -import java.io.File; -import java.io.IOException; import java.util.Collection; import java.util.HashMap; import java.util.HashSet; @@ -52,19 +50,9 @@ import com.google.inject.Inject; public class PrepareDisableKerberosServerAction extends AbstractPrepareKerberosServerAction { private final static Logger LOG = LoggerFactory.getLogger(PrepareDisableKerberosServerAction.class); - /** - * KerberosHelper - */ - @Inject - private KerberosHelper kerberosHelper; - @Inject private ConfigHelper configHelper; - @Inject - private KerberosConfigDataFileWriterFactory kerberosConfigDataFileWriterFactory; - - /** * Called to execute this action. Upon invocation, calls * {@link KerberosServerAction#processIdentities(Map)} @@ -88,6 +76,8 @@ public class PrepareDisableKerberosServerAction extends AbstractPrepareKerberosS throw new AmbariException("Missing cluster object"); } + KerberosHelper kerberosHelper = getKerberosHelper(); + KerberosDescriptor kerberosDescriptor = kerberosHelper.getKerberosDescriptor(cluster); Collection<String> identityFilter = getIdentityFilter(); List<ServiceComponentHost> schToProcess = kerberosHelper.getServiceComponentHostsToProcess(cluster, @@ -97,7 +87,7 @@ public class PrepareDisableKerberosServerAction extends AbstractPrepareKerberosS new KerberosHelper.Command<Boolean, ServiceComponentHost>() { @Override public Boolean invoke(ServiceComponentHost sch) throws AmbariException { - return (sch.getDesiredSecurityState() == SecurityState.UNSECURED) && (sch.getSecurityState() != SecurityState.UNSECURED); + return (sch.getDesiredSecurityState() == SecurityState.UNSECURED) && (sch.getSecurityState() != SecurityState.UNSECURED); } }); @@ -114,13 +104,21 @@ public class PrepareDisableKerberosServerAction extends AbstractPrepareKerberosS actionLog.writeStdOut(String.format("Processing %d components", schCount)); } - Map<String, Map<String, String>> propertiesToInsert = new HashMap<>(); + Map<String, String> kerberosDescriptorProperties = kerberosDescriptor.getProperties(); + Set<String> services = cluster.getServices().keySet(); + boolean includeAmbariIdentity = "true".equalsIgnoreCase(getCommandParameterValue(commandParameters, KerberosServerAction.INCLUDE_AMBARI_IDENTITY)); + Map<String, Set<String>> propertiesToIgnore = new HashMap<>(); + + // Calculate the current host-specific configurations. These will be used to replace + // variables within the Kerberos descriptor data + Map<String, Map<String, String>> configurations = kerberosHelper.calculateConfigurations(cluster, null, kerberosDescriptorProperties); + processServiceComponentHosts(cluster, kerberosDescriptor, schToProcess, identityFilter, dataDirectory, - kerberosConfigurations, propertiesToInsert, null, false, true); + configurations, kerberosConfigurations, includeAmbariIdentity, propertiesToIgnore); // Add auth-to-local configurations to the set of changes Set<String> authToLocalProperties = kerberosDescriptor.getAllAuthToLocalProperties(); - if(authToLocalProperties != null) { + if (authToLocalProperties != null) { for (String authToLocalProperty : authToLocalProperties) { Matcher m = KerberosDescriptor.AUTH_TO_LOCAL_PROPERTY_SPECIFICATION_PATTERN.matcher(authToLocalProperty); @@ -153,15 +151,13 @@ public class PrepareDisableKerberosServerAction extends AbstractPrepareKerberosS // If there are configurations to set, create a (temporary) data file to store the configuration // updates and fill it will the relevant configurations. if (!kerberosConfigurations.isEmpty()) { - if(dataDirectory == null) { + if (dataDirectory == null) { String message = "The data directory has not been set. Generated data can not be stored."; LOG.error(message); throw new AmbariException(message); } - Map<String, Collection<String>> configurationsToRemove = new HashMap<String, Collection<String>>(); - File configFile = new File(dataDirectory, KerberosConfigDataFileWriter.DATA_FILE_NAME); - KerberosConfigDataFileWriter kerberosConfDataFileWriter = null; + Map<String, Set<String>> configurationsToRemove = new HashMap<String, Set<String>>(); // Fill the configurationsToRemove map with all Kerberos-related configurations. Values // needed to be kept will have new values from the stack definition and thus pruned from @@ -174,21 +170,6 @@ public class PrepareDisableKerberosServerAction extends AbstractPrepareKerberosS // or properties and the logic below will remove all from this set - which is not desirable. configurationsToRemove.remove("cluster-env"); - // Update kerberosConfigurations with properties recommended by stack advisor - for (Map.Entry<String, Map<String, String>> typeEntry : propertiesToInsert.entrySet()) { - String configType = typeEntry.getKey(); - Map<String, String> propertiesMap = typeEntry.getValue(); - - Map<String, String> kerberosPropertiesMap = kerberosConfigurations.get(configType); - if (kerberosPropertiesMap == null) { - kerberosConfigurations.put(configType, propertiesMap); - } else { - for (Map.Entry<String, String> propertyEntry : propertiesMap.entrySet()) { - kerberosPropertiesMap.put(propertyEntry.getKey(), propertyEntry.getValue()); - } - } - } - if (!schToProcess.isEmpty()) { Set<String> visitedServices = new HashSet<String>(); @@ -229,61 +210,10 @@ public class PrepareDisableKerberosServerAction extends AbstractPrepareKerberosS } } - actionLog.writeStdOut(String.format("Writing configuration changes metadata file to %s", configFile.getAbsolutePath())); - try { - kerberosConfDataFileWriter = kerberosConfigDataFileWriterFactory.createKerberosConfigDataFileWriter(configFile); - - for (Map.Entry<String, Map<String, String>> entry : kerberosConfigurations.entrySet()) { - String type = entry.getKey(); - Map<String, String> properties = entry.getValue(); - Collection<String> propertiesToRemove = configurationsToRemove.get(type); + kerberosHelper.applyStackAdvisorUpdates(cluster, services, configurations, kerberosConfigurations, + propertiesToIgnore, configurationsToRemove, false); - if (properties != null) { - for (Map.Entry<String, String> configTypeEntry : properties.entrySet()) { - String propertyName = configTypeEntry.getKey(); - - // Ignore properties that should be removed - if ((propertiesToRemove == null) || !propertiesToRemove.contains(propertyName)) { - String value = configTypeEntry.getValue(); - String operation = (value == null) - ? KerberosConfigDataFileWriter.OPERATION_TYPE_REMOVE - : KerberosConfigDataFileWriter.OPERATION_TYPE_SET; - - kerberosConfDataFileWriter.addRecord(type, propertyName, value, operation); - } - } - } - } - - // Declare which properties to remove from the configurations - for (Map.Entry<String, Collection<String>> entry : configurationsToRemove.entrySet()) { - String type = entry.getKey(); - Collection<String> properties = entry.getValue(); - - if (properties != null) { - for (String propertyName : properties) { - kerberosConfDataFileWriter.addRecord(type, propertyName, null, KerberosConfigDataFileWriter.OPERATION_TYPE_REMOVE); - } - } - } - } catch (IOException e) { - String message = String.format("Failed to write kerberos configurations file - %s", configFile.getAbsolutePath()); - LOG.error(message, e); - actionLog.writeStdOut(message); - actionLog.writeStdErr(message + "\n" + e.getLocalizedMessage()); - throw new AmbariException(message, e); - } finally { - if (kerberosConfDataFileWriter != null) { - try { - kerberosConfDataFileWriter.close(); - } catch (IOException e) { - String message = "Failed to close the kerberos configurations file writer"; - LOG.warn(message, e); - actionLog.writeStdOut(message); - actionLog.writeStdErr(message + "\n" + e.getLocalizedMessage()); - } - } - } + processConfigurationChanges(dataDirectory, kerberosConfigurations, configurationsToRemove); } return createCommandReport(0, HostRoleStatus.COMPLETED, "{}", actionLog.getStdOut(), actionLog.getStdErr()); http://git-wip-us.apache.org/repos/asf/ambari/blob/9dc4a3df/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/PrepareEnableKerberosServerAction.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/PrepareEnableKerberosServerAction.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/PrepareEnableKerberosServerAction.java index 1e6cc46..ed01633 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/PrepareEnableKerberosServerAction.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/PrepareEnableKerberosServerAction.java @@ -79,9 +79,22 @@ public class PrepareEnableKerberosServerAction extends PrepareKerberosIdentities actionLog.writeStdOut(String.format("Processing %d components", schCount)); } - Map<String, Set<String>> propertiesToBeRemoved = new HashMap<>(); + KerberosHelper kerberosHelper = getKerberosHelper(); + Map<String, String> kerberosDescriptorProperties = kerberosDescriptor.getProperties(); + Map<String, Set<String>> propertiesToRemove = new HashMap<>(); + Map<String, Set<String>> propertiesToIgnore = new HashMap<>(); + Set<String> services = cluster.getServices().keySet(); + + // Calculate the current host-specific configurations. These will be used to replace + // variables within the Kerberos descriptor data + Map<String, Map<String, String>> configurations = kerberosHelper.calculateConfigurations(cluster, null, kerberosDescriptorProperties); + processServiceComponentHosts(cluster, kerberosDescriptor, schToProcess, identityFilter, dataDirectory, - kerberosConfigurations, null, propertiesToBeRemoved, true, true); + configurations, kerberosConfigurations, true, propertiesToIgnore); + + kerberosHelper.applyStackAdvisorUpdates(cluster, services, configurations, kerberosConfigurations, + propertiesToIgnore, propertiesToRemove, true); + processAuthToLocalRules(cluster, kerberosDescriptor, schToProcess, kerberosConfigurations, getDefaultRealm(commandParameters)); // Ensure the cluster-env/security_enabled flag is set properly @@ -92,7 +105,7 @@ public class PrepareEnableKerberosServerAction extends PrepareKerberosIdentities } clusterEnvProperties.put(KerberosHelper.SECURITY_ENABLED_PROPERTY_NAME, "true"); - processConfigurationChanges(dataDirectory, kerberosConfigurations, propertiesToBeRemoved); + processConfigurationChanges(dataDirectory, kerberosConfigurations, propertiesToRemove); return createCommandReport(0, HostRoleStatus.COMPLETED, "{}", actionLog.getStdOut(), actionLog.getStdErr()); } http://git-wip-us.apache.org/repos/asf/ambari/blob/9dc4a3df/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/PrepareKerberosIdentitiesServerAction.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/PrepareKerberosIdentitiesServerAction.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/PrepareKerberosIdentitiesServerAction.java index b466226..9935844 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/PrepareKerberosIdentitiesServerAction.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/PrepareKerberosIdentitiesServerAction.java @@ -18,8 +18,6 @@ package org.apache.ambari.server.serveraction.kerberos; -import java.io.File; -import java.io.IOException; import java.util.Collection; import java.util.HashMap; import java.util.HashSet; @@ -38,8 +36,6 @@ import org.apache.ambari.server.state.kerberos.KerberosDescriptor; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import com.google.inject.Inject; - /** * PrepareKerberosIdentitiesServerAction is a ServerAction implementation that prepares metadata needed * to process Kerberos identities (principals and keytabs files). @@ -48,15 +44,6 @@ public class PrepareKerberosIdentitiesServerAction extends AbstractPrepareKerber private final static Logger LOG = LoggerFactory.getLogger(PrepareKerberosIdentitiesServerAction.class); /** - * KerberosHelper - */ - @Inject - private KerberosHelper kerberosHelper; - - @Inject - private KerberosConfigDataFileWriterFactory kerberosConfigDataFileWriterFactory; - - /** * Called to execute this action. Upon invocation, calls * {@link KerberosServerAction#processIdentities(Map)} * to iterate through the Kerberos identity metadata and call @@ -96,14 +83,26 @@ public class PrepareKerberosIdentitiesServerAction extends AbstractPrepareKerber actionLog.writeStdOut(String.format("Processing %d components", schCount)); } - Map<String, Set<String>> propertiesToBeRemoved = new HashMap<>(); + KerberosHelper kerberosHelper = getKerberosHelper(); + Map<String, String> kerberosDescriptorProperties = kerberosDescriptor.getProperties(); + Set<String> services = cluster.getServices().keySet(); + Map<String, Set<String>> propertiesToRemove = new HashMap<>(); + Map<String, Set<String>> propertiesToIgnore = new HashMap<>(); + boolean includeAmbariIdentity = "true".equalsIgnoreCase(getCommandParameterValue(commandParameters, KerberosServerAction.INCLUDE_AMBARI_IDENTITY)); + + // Calculate the current host-specific configurations. These will be used to replace + // variables within the Kerberos descriptor data + Map<String, Map<String, String>> configurations = kerberosHelper.calculateConfigurations(cluster, null, kerberosDescriptorProperties); + processServiceComponentHosts(cluster, kerberosDescriptor, schToProcess, identityFilter, dataDirectory, - kerberosConfigurations, null, propertiesToBeRemoved, true, "true".equalsIgnoreCase(getCommandParameterValue(commandParameters, - KerberosServerAction.INCLUDE_AMBARI_IDENTITY))); + configurations, kerberosConfigurations, includeAmbariIdentity, propertiesToIgnore); + + kerberosHelper.applyStackAdvisorUpdates(cluster, services, configurations, kerberosConfigurations, + propertiesToIgnore, propertiesToRemove, true); if ("true".equalsIgnoreCase(getCommandParameterValue(commandParameters, UPDATE_CONFIGURATIONS))) { processAuthToLocalRules(cluster, kerberosDescriptor, schToProcess, kerberosConfigurations, getDefaultRealm(commandParameters)); - processConfigurationChanges(dataDirectory, kerberosConfigurations, propertiesToBeRemoved); + processConfigurationChanges(dataDirectory, kerberosConfigurations, propertiesToRemove); } return createCommandReport(0, HostRoleStatus.COMPLETED, "{}", actionLog.getStdOut(), actionLog.getStdErr()); @@ -135,7 +134,7 @@ public class PrepareKerberosIdentitiesServerAction extends AbstractPrepareKerber KerberosDescriptor kerberosDescriptor, Collection<String> identityFilter) throws AmbariException { - return kerberosHelper.getServiceComponentHostsToProcess(cluster, + return getKerberosHelper().getServiceComponentHostsToProcess(cluster, kerberosDescriptor, getServiceComponentFilter(), getHostFilter(), identityFilter, @@ -157,7 +156,7 @@ public class PrepareKerberosIdentitiesServerAction extends AbstractPrepareKerber */ protected KerberosDescriptor getKerberosDescriptor(Cluster cluster) throws AmbariException { - return kerberosHelper.getKerberosDescriptor(cluster); + return getKerberosHelper().getKerberosDescriptor(cluster); } /** @@ -180,10 +179,10 @@ public class PrepareKerberosIdentitiesServerAction extends AbstractPrepareKerber if (!schToProcess.isEmpty()) { actionLog.writeStdOut("Creating auth-to-local rules"); - Map<String,Set<String>> services = new HashMap<String, Set<String>>(); - for(ServiceComponentHost sch: schToProcess) { + Map<String, Set<String>> services = new HashMap<String, Set<String>>(); + for (ServiceComponentHost sch : schToProcess) { Set<String> components = services.get(sch.getServiceName()); - if(components == null) { + if (components == null) { components = new HashSet<String>(); services.put(sch.getServiceName(), components); } @@ -191,93 +190,11 @@ public class PrepareKerberosIdentitiesServerAction extends AbstractPrepareKerber components.add(sch.getServiceComponentName()); } + KerberosHelper kerberosHelper = getKerberosHelper(); kerberosHelper.setAuthToLocalRules(kerberosDescriptor, defaultRealm, services, kerberosHelper.calculateConfigurations(cluster, null, kerberosDescriptor.getProperties()), kerberosConfigurations); } } - - /** - * Processes configuration changes to determine if any work needs to be done. - * <p/> - * If work is to be done, a data file containing the details is created so it they changes may be - * processed in the appropriate stage. - * - * @param dataDirectory the directory in which to write the configuration changes data file - * @param kerberosConfigurations the Kerberos-specific configuration map - * @param propertiesToBeRemoved - * @throws AmbariException - */ - protected void processConfigurationChanges(String dataDirectory, - Map<String, Map<String, String>> kerberosConfigurations, - Map<String, Set<String>> propertiesToBeRemoved) - throws AmbariException { - actionLog.writeStdOut("Determining configuration changes"); - - // If there are configurations to set, create a (temporary) data file to store the configuration - // updates and fill it will the relevant configurations. - if (!kerberosConfigurations.isEmpty()) { - if (dataDirectory == null) { - String message = "The data directory has not been set. Generated data can not be stored."; - LOG.error(message); - throw new AmbariException(message); - } - - File configFile = new File(dataDirectory, KerberosConfigDataFileWriter.DATA_FILE_NAME); - KerberosConfigDataFileWriter kerberosConfDataFileWriter = null; - - actionLog.writeStdOut(String.format("Writing configuration changes metadata file to %s", configFile.getAbsolutePath())); - try { - kerberosConfDataFileWriter = kerberosConfigDataFileWriterFactory.createKerberosConfigDataFileWriter(configFile); - // add properties to be set - for (Map.Entry<String, Map<String, String>> entry : kerberosConfigurations.entrySet()) { - String type = entry.getKey(); - Map<String, String> properties = entry.getValue(); - - if (properties != null) { - for (Map.Entry<String, String> configTypeEntry : properties.entrySet()) { - kerberosConfDataFileWriter.addRecord(type, - configTypeEntry.getKey(), - configTypeEntry.getValue(), - KerberosConfigDataFileWriter.OPERATION_TYPE_SET); - } - } - } - // add properties to be removed - if (propertiesToBeRemoved != null) { - for (Map.Entry<String, Set<String>> entry : propertiesToBeRemoved.entrySet()) { - String type = entry.getKey(); - Set<String> properties = entry.getValue(); - - if (properties != null) { - for (String property : properties) { - kerberosConfDataFileWriter.addRecord(type, - property, - "", - KerberosConfigDataFileWriter.OPERATION_TYPE_REMOVE); - } - } - } - } - } catch (IOException e) { - String message = String.format("Failed to write kerberos configurations file - %s", configFile.getAbsolutePath()); - LOG.error(message, e); - actionLog.writeStdOut(message); - actionLog.writeStdErr(message + "\n" + e.getLocalizedMessage()); - throw new AmbariException(message, e); - } finally { - if (kerberosConfDataFileWriter != null) { - try { - kerberosConfDataFileWriter.close(); - } catch (IOException e) { - String message = "Failed to close the kerberos configurations file writer"; - LOG.warn(message, e); - actionLog.writeStdOut(message); - actionLog.writeStdErr(message + "\n" + e.getLocalizedMessage()); - } - } - } - } - } } http://git-wip-us.apache.org/repos/asf/ambari/blob/9dc4a3df/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/AbstractPrepareKerberosServerActionTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/AbstractPrepareKerberosServerActionTest.java b/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/AbstractPrepareKerberosServerActionTest.java index ef2288c..95e5513 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/AbstractPrepareKerberosServerActionTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/AbstractPrepareKerberosServerActionTest.java @@ -20,8 +20,6 @@ package org.apache.ambari.server.serveraction.kerberos; import static org.easymock.EasyMock.anyBoolean; import static org.easymock.EasyMock.anyObject; -import static org.easymock.EasyMock.anyString; -import static org.easymock.EasyMock.capture; import static org.easymock.EasyMock.expect; import static org.easymock.EasyMock.replay; import static org.easymock.EasyMock.verify; @@ -46,10 +44,7 @@ import org.apache.ambari.server.state.ServiceComponentHost; import org.apache.ambari.server.state.kerberos.KerberosComponentDescriptor; import org.apache.ambari.server.state.kerberos.KerberosDescriptor; import org.apache.ambari.server.state.kerberos.KerberosServiceDescriptor; -import org.easymock.Capture; -import org.easymock.CaptureType; import org.easymock.EasyMock; -import org.junit.Assert; import org.junit.Before; import org.junit.Test; @@ -114,8 +109,7 @@ public class AbstractPrepareKerberosServerActionTest { Collection<String> identityFilter = new ArrayList<>(); Map<String, Map<String, String>> kerberosConfigurations = new HashMap<>(); - Map<String, Map<String, String>> propertiesToInsert = new HashMap<>(); - Map<String, Set<String>> propertiesToRemove = new HashMap<>(); + Map<String, Set<String>> propertiesToIgnore = new HashMap<>(); Map<String, String> descriptorProperties = new HashMap<>(); Map<String, Map<String, String>> configurations = new HashMap<>(); @@ -128,10 +122,7 @@ public class AbstractPrepareKerberosServerActionTest { put(zookeeperService, null); }}; - Capture<Set<String>> serviceCapture = Capture.newInstance(CaptureType.LAST); - expect(kerberosDescriptor.getProperties()).andReturn(descriptorProperties).atLeastOnce(); - expect(kerberosHelper.calculateConfigurations((Cluster)anyObject(), anyString(), (Map<String,String>)anyObject())).andReturn(configurations).atLeastOnce(); expect(kerberosIdentityDataFileWriterFactory.createKerberosIdentityDataFileWriter((File)anyObject())).andReturn(kerberosIdentityDataFileWriter); // it's important to pass a copy of clusterServices expect(cluster.getServices()).andReturn(new HashMap<>(clusterServices)).atLeastOnce(); @@ -149,16 +140,6 @@ public class AbstractPrepareKerberosServerActionTest { expect(serviceDescriptor.getComponent(hdfsComponent)).andReturn(componentDescriptor).once(); expect(componentDescriptor.getConfigurations(anyBoolean())).andReturn(null); - expect(kerberosHelper.applyStackAdvisorUpdates( - (Cluster)anyObject(), - capture(serviceCapture), - (Map<String, Map<String, String>>)anyObject(), - (Map<String, Map<String, String>>)anyObject(), - (Map<String, Set<String>>)anyObject(), - (Map<String, Map<String, String>>)anyObject(), - (Map<String, Set<String>>)anyObject(), - anyBoolean())).andReturn(null).atLeastOnce(); - replay(kerberosDescriptor, kerberosHelper, kerberosIdentityDataFileWriterFactory, cluster, serviceComponentHostHDFS, serviceComponentHostZK, serviceDescriptor, componentDescriptor); @@ -167,15 +148,10 @@ public class AbstractPrepareKerberosServerActionTest { serviceComponentHosts, identityFilter, "", - kerberosConfigurations, - propertiesToInsert, - propertiesToRemove, - false, false); + configurations, kerberosConfigurations, + false, propertiesToIgnore); verify(kerberosHelper); - - Set<String> resultServices = serviceCapture.getValue(); - Assert.assertEquals(clusterServices.keySet(), resultServices); } }